From 0b792bd37b9b6a1cc5914ab95987359fda972ff2 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Tue, 25 Jun 2019 17:53:32 -0700 Subject: [PATCH] don't overwrite the dns_master_loadfile() result before calling zone_postload() if "rndc reload" fails, the result code is supposed to be passed to zone_postload, but for inline-signing zones, the result can be overwritten first by a call to the ZONE_TRYLOCK macro. this can lead to the partially-loaded unsigned zone being synced over to the signed zone instead of being rejected. --- lib/dns/zone.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/dns/zone.c b/lib/dns/zone.c index d97491c61f..9706d9e2b2 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -15943,8 +15943,8 @@ zone_loaddone(void *arg, isc_result_t result) { LOCK_ZONE(zone->raw); else if (inline_raw(zone)) { secure = zone->secure; - TRYLOCK_ZONE(result, secure); - if (result != ISC_R_SUCCESS) { + TRYLOCK_ZONE(tresult, secure); + if (tresult != ISC_R_SUCCESS) { UNLOCK_ZONE(zone); secure = NULL; isc_thread_yield();